ebrianne / docker-deluge-openvpn

Docker container running deluge torrent client with WebUI over an OpenVPN tunnel
GNU General Public License v3.0

Question regarding error message #9

Open qu4542 opened 2 years ago

qu4542 commented 2 years ago

Describe the problem

-Ok, weirdly enough, initially I get the same error message that I get with "haugene/transmission-openvpn" and "guillaumedsde/alpine-qbittorrent-openvpn":

```
RTNETLINK answers: File exists
ERROR: Linux route add command failed: external program exited with error status: 2
OpenVPN was configured to add an IPv6 route over tun0. However, no IPv6 has been configured for this interface, therefore the route installation may fail or may not work as expected.
```

-BUT somehow your docker does something different(???) and recovers:

```
Wed Feb 16 10:56:00 2022 TLS: soft reset sec=0 bytes=427421/-1 pkts=2513/0
Wed Feb 16 10:56:01 2022 VERIFY OK: depth=1, CN=Privado
Wed Feb 16 10:56:01 2022 VERIFY KU OK
Wed Feb 16 10:56:01 2022 Validating certificate extended key usage
Wed Feb 16 10:56:01 2022 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Wed Feb 16 10:56:01 2022 VERIFY EKU OK
Wed Feb 16 10:56:01 2022 VERIFY X509NAME OK: CN=arn-001.vpn.privado.io
Wed Feb 16 10:56:01 2022 VERIFY OK: depth=0, CN=arn-001.vpn.privado.io
Wed Feb 16 10:56:01 2022 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Wed Feb 16 10:56:01 2022 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Wed Feb 16 10:56:01 2022 Control Channel: TLSv1.2, cipher SSLv3 DHE-RSA-AES256-SHA, 4096 bit RSA
```

-Now my question is: since you describe your container as "This container contains OpenVPN and Deluge with a configuration where Deluge is running only when OpenVPN has an active tunnel.", can I assume that I am not leaking any IP/DNS information (I have a very basic understanding of how all this works), or can you tell me a way how I can check for any leaks?

Add your docker run command

```
version: '3,2'
services:
  deluge-openvpn:
    volumes:
```

Logs

```
Found configs for PRIVADO in /tmp/tmp.lQM6ZgSdvo/vpn-configs-contrib-main/openvpn/privado, will replace current content in /etc/openvpn/privado
Cleanup: deleting /tmp/tmp.bOUKsm9q7n and /tmp/tmp.lQM6ZgSdvo
Wed Feb 16 09:55:58 2022 [start-vpn] Starting OpenVPN using config arn-001.ovpn
Modifying /etc/openvpn/privado/arn-001.ovpn for best behaviour in this container
Modification: Point auth-user-pass option to the username/password file
Modification: Change ca certificate path
Modification: Change ping options
Modification: Update/set resolv-retry to 15 seconds
Modification: Change tls-crypt keyfile path
Modification: Set output verbosity to 3
Modification: Remap SIGUSR1 signal to SIGTERM, avoid OpenVPN restart loop
Wed Feb 16 09:55:59 2022 [start-vpn] Setting OpenVPN credentials...
Wed Feb 16 09:55:59 2022 [ufw-enable] Got local network 192.168.112.1 and CIDR on interface eth0
Wed Feb 16 09:55:59 2022 [ufw-enable] Firewall script executed with tun0 /etc/openvpn/privado/arn-001.ovpn
adding route to local network 192.168.0.0/16 via 192.168.112.1 dev eth0
Status: inactive
Wed Feb 16 09:55:59 2022 [start-vpn] Starting openvpn
Wed Feb 16 09:55:59 2022 OpenVPN 2.4.4 aarch64-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Jul 19 2021
Wed Feb 16 09:55:59 2022 library versions: OpenSSL 1.1.1 11 Sep 2018, LZO 2.08
Wed Feb 16 09:55:59 2022 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Wed Feb 16 09:55:59 2022 TCP/UDP: Preserving recently used remote address: [AF_INET]86.106.103.67:1194
Wed Feb 16 09:55:59 2022 Socket Buffers: R=[212992->212992] S=[212992->212992]
Wed Feb 16 09:55:59 2022 UDP link local: (not bound)
Wed Feb 16 09:55:59 2022 UDP link remote: [AF_INET]86.106.103.67:1194
Wed Feb 16 09:55:59 2022 TLS: Initial packet from [AF_INET]86.106.103.67:1194, sid=3c7a0b3c efe06942
Wed Feb 16 09:55:59 2022 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Wed Feb 16 09:55:59 2022 VERIFY OK: depth=1, CN=Privado
Wed Feb 16 09:55:59 2022 VERIFY KU OK
Wed Feb 16 09:55:59 2022 Validating certificate extended key usage
Wed Feb 16 09:55:59 2022 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Wed Feb 16 09:55:59 2022 VERIFY EKU OK
Wed Feb 16 09:55:59 2022 VERIFY X509NAME OK: CN=arn-001.vpn.privado.io
Wed Feb 16 09:55:59 2022 VERIFY OK: depth=0, CN=arn-001.vpn.privado.io
Wed Feb 16 09:56:00 2022 Control Channel: TLSv1.2, cipher SSLv3 DHE-RSA-AES256-SHA, 4096 bit RSA
Wed Feb 16 09:56:00 2022 [arn-001.vpn.privado.io] Peer Connection Initiated with [AF_INET]86.106.103.67:1194
Wed Feb 16 09:56:01 2022 SENT CONTROL [arn-001.vpn.privado.io]: 'PUSH_REQUEST' (status=1)
Wed Feb 16 09:56:01 2022 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 198.18.0.1,dhcp-option DNS 198.18.0.2,rcvbuf 493216,sndbuf 493216,explicit-exit-notify 5,route-gateway 172.21.36.1,topology subnet,ping 20,ping-restart 40,ifconfig 172.21.36.26 255.255.254.0,peer-id 3,cipher AES-256-GCM'
Wed Feb 16 09:56:01 2022 Option 'explicit-exit-notify' in [PUSH-OPTIONS]:6 is ignored by previous blocks
Wed Feb 16 09:56:01 2022 OPTIONS IMPORT: timers and/or timeouts modified
Wed Feb 16 09:56:01 2022 OPTIONS IMPORT: explicit notify parm(s) modified
Wed Feb 16 09:56:01 2022 OPTIONS IMPORT: --sndbuf/--rcvbuf options modified
Wed Feb 16 09:56:01 2022 Socket Buffers: R=[212992->425984] S=[212992->425984]
Wed Feb 16 09:56:01 2022 OPTIONS IMPORT: --ifconfig/up options modified
Wed Feb 16 09:56:01 2022 OPTIONS IMPORT: route options modified
Wed Feb 16 09:56:01 2022 OPTIONS IMPORT: route-related options modified
Wed Feb 16 09:56:01 2022 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Wed Feb 16 09:56:01 2022 OPTIONS IMPORT: peer-id set
Wed Feb 16 09:56:01 2022 OPTIONS IMPORT: adjusting link_mtu to 1624
Wed Feb 16 09:56:01 2022 OPTIONS IMPORT: data channel crypto options modified
Wed Feb 16 09:56:01 2022 Data Channel: using negotiated cipher 'AES-256-GCM'
Wed Feb 16 09:56:01 2022 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Wed Feb 16 09:56:01 2022 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Wed Feb 16 09:56:01 2022 ROUTE_GATEWAY 192.168.112.1/255.255.240.0 IFACE=eth0 HWADDR=02:42:c0:a8:70:02
Wed Feb 16 09:56:01 2022 GDG6: remote_host_ipv6=n/a
Wed Feb 16 09:56:01 2022 ROUTE6: default_gateway=UNDEF
Wed Feb 16 09:56:01 2022 OpenVPN ROUTE6: OpenVPN needs a gateway parameter for a --route-ipv6 option and no default was specified by either --route-ipv6-gateway or --ifconfig-ipv6 options
Wed Feb 16 09:56:01 2022 OpenVPN ROUTE: failed to parse/resolve route for host/network: ::/0
Wed Feb 16 09:56:01 2022 TUN/TAP device tun0 opened
Wed Feb 16 09:56:01 2022 TUN/TAP TX queue length set to 100
Wed Feb 16 09:56:01 2022 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Wed Feb 16 09:56:01 2022 /sbin/ip link set dev tun0 up mtu 1500
Wed Feb 16 09:56:01 2022 /sbin/ip addr add dev tun0 172.21.36.26/23 broadcast 172.21.37.255
Wed Feb 16 09:56:01 2022 /etc/openvpn/tunnelUp.sh tun0 1500 1552 172.21.36.26 255.255.254.0 init
Wed Feb 16 09:56:01 2022 [deluge-start] Up script executed with tun0 1500 1552 172.21.36.26 255.255.254.0 init

Deluge will run as

User name: root
User uid: 0
User gid: 0

Wed Feb 16 09:56:01 2022 [deluge-start] [info] Deluge config file doesn't exist, copying default...
Wed Feb 16 09:56:01 2022 [deluge-start] [info] Deluge webui config file doesn't exist, copying default...
Wed Feb 16 09:56:01 2022 [deluge-start] Using ip of interface tun0: 172.21.36.26
Wed Feb 16 09:56:01 2022 [deluge-start] Updating Deluge conf file
Wed Feb 16 09:56:01 2022 [deluge-start] Updating Deluge web conf file
Wed Feb 16 09:56:01 2022 [deluge-start] Starting Deluge
Wed Feb 16 09:56:03 2022 [deluge-start] Starting Deluge webui...
Wed Feb 16 09:56:03 2022 [deluge-start] Deluge startup script complete.
Wed Feb 16 09:56:06 2022 /sbin/ip route add 86.106.103.67/32 via 192.168.112.1
Wed Feb 16 09:56:06 2022 /sbin/ip route add 0.0.0.0/1 via 172.21.36.1
Wed Feb 16 09:56:06 2022 /sbin/ip route add 128.0.0.0/1 via 172.21.36.1
Wed Feb 16 09:56:06 2022 /sbin/ip route add 0.0.0.0/0 via 172.21.36.1
RTNETLINK answers: File exists
Wed Feb 16 09:56:06 2022 ERROR: Linux route add command failed: external program exited with error status: 2
Wed Feb 16 09:56:06 2022 WARNING: OpenVPN was configured to add an IPv6 route over tun0. However, no IPv6 has been configured for this interface, therefore the route installation may fail or may not work as expected.
Wed Feb 16 09:56:06 2022 Initialization Sequence Completed
Wed Feb 16 10:56:00 2022 TLS: soft reset sec=0 bytes=427421/-1 pkts=2513/0
Wed Feb 16 10:56:01 2022 VERIFY OK: depth=1, CN=Privado
Wed Feb 16 10:56:01 2022 VERIFY KU OK
Wed Feb 16 10:56:01 2022 Validating certificate extended key usage
Wed Feb 16 10:56:01 2022 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Wed Feb 16 10:56:01 2022 VERIFY EKU OK
Wed Feb 16 10:56:01 2022 VERIFY X509NAME OK: CN=arn-001.vpn.privado.io
Wed Feb 16 10:56:01 2022 VERIFY OK: depth=0, CN=arn-001.vpn.privado.io
Wed Feb 16 10:56:01 2022 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Wed Feb 16 10:56:01 2022 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Wed Feb 16 10:56:01 2022 Control Channel: TLSv1.2, cipher SSLv3 DHE-RSA-AES256-SHA, 4096 bit RSA
```

Host system: RockPro64 (rk3399) SBC with armbian and openmediavault
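
Added example (not part of the original thread or the project's code): a short Python check that replays the route commands from the log above and resolves sample destinations by longest-prefix match, showing which `ip route add` failed and which gateway IPv4 traffic ends up using. The function names are hypothetical, and treating the logged `ROUTE_GATEWAY` as the container's pre-existing default route is an assumption.

```python
import ipaddress
import re

# Route-related lines excerpted from the log posted in this issue.
LOG = """\
Wed Feb 16 09:56:01 2022 ROUTE_GATEWAY 192.168.112.1/255.255.240.0 IFACE=eth0 HWADDR=02:42:c0:a8:70:02
Wed Feb 16 09:56:06 2022 /sbin/ip route add 86.106.103.67/32 via 192.168.112.1
Wed Feb 16 09:56:06 2022 /sbin/ip route add 0.0.0.0/1 via 172.21.36.1
Wed Feb 16 09:56:06 2022 /sbin/ip route add 128.0.0.0/1 via 172.21.36.1
Wed Feb 16 09:56:06 2022 /sbin/ip route add 0.0.0.0/0 via 172.21.36.1
RTNETLINK answers: File exists
Wed Feb 16 09:56:06 2022 ERROR: Linux route add command failed: external program exited with error status: 2
"""

ADD = re.compile(r"/sbin/ip route add (\S+) via (\S+)")
GW = re.compile(r"ROUTE_GATEWAY (\d+\.\d+\.\d+\.\d+)/")


def parse_routes(log):
    """Return (installed, failed) lists of (network, gateway) tuples."""
    installed, failed, last = [], [], None
    for line in log.splitlines():
        if m := GW.search(line):
            # Assumption: the logged ROUTE_GATEWAY is the pre-existing default route.
            installed.append((ipaddress.ip_network("0.0.0.0/0"), m.group(1)))
        elif m := ADD.search(line):
            last = (ipaddress.ip_network(m.group(1)), m.group(2))
            installed.append(last)
        elif "route add command failed" in line and last:
            # OpenVPN logs the command first, then the failure of that command.
            installed.remove(last)
            failed.append(last)
            last = None
    return installed, failed


def next_hop(routes, dest):
    """Pick the gateway by longest-prefix match, as kernel route lookup does."""
    ip = ipaddress.ip_address(dest)
    matches = [r for r in routes if ip in r[0]]
    return max(matches, key=lambda r: r[0].prefixlen)[1]


if __name__ == "__main__":
    routes, failed = parse_routes(LOG)
    print("failed:", [(str(n), g) for n, g in failed])
    # 203.0.113.9 is a documentation address used as a sample destination.
    for dest in ("1.1.1.1", "203.0.113.9", "86.106.103.67"):
        print(dest, "->", next_hop(routes, dest))
```

This models IPv4 route selection only; it says nothing about DNS resolution or about what happens while the tunnel is down.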

qu4542 commented 2 years ago

or maybe I was a little bit quick to assume that it works, the webUI is accessible but the downloads are not starting... so maybe you can tell me what I am doing wrong, I know it's some stuff with conflicting IP routes but I can't seem to get it right....

here is some more info on my topography that might help someone to give me a clue on how to fix this (also please be specific/idiot-proof in your answers, skipping even little steps that you might find trivial can throw me off a lot as I am yet in the process of learning Linux):

-this is my "ip r"

```
user@host:~$ ip r
default via 192.168.178.1 dev eth0 proto dhcp src 192.168.178.xx metric 100
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1
172.23.0.0/16 dev br-bae8fee5ec85 proto kernel scope link src 172.23.0.1 linkdown
172.24.0.0/16 dev br-38d9466115de proto kernel scope link src 172.24.0.1
172.27.0.0/16 dev br-7d664f89862a proto kernel scope link src 172.27.0.1
172.28.0.0/16 dev br-92bafb23027d proto kernel scope link src 172.28.0.1
172.30.0.0/16 dev br-1622a13d3a7d proto kernel scope link src 172.30.0.1
192.168.178.0/24 dev eth0 proto kernel scope link src 192.168.178.xx
192.168.178.1 dev eth0 proto dhcp scope link src 192.168.178.xx metric 100
```

qu4542 commented 2 years ago

and "route -n"

[image: 154064425-ee79ad05-c366-4914-a99e-15dc6c33da82]

qu4542 commented 2 years ago

deluge connection status

[image: Untitled]

qu4542 commented 2 years ago

and another thing: in the bottom right there is an indicator that shows Deluge's external IP and it's not my actual external IP, so I guess in principle Deluge actually goes through the VPN tunnel already?

+there is an "error-button" and when I mouse-over it shows the following (there is plenty of free space in the dl-folder though)

[image: aasdasd]

qu4542 commented 2 years ago

ok, I got rid of the error message about the download folder and my external IP shown in Deluge is not my regular external IP from my ISP, but the download is not starting (I tested the *.torrent, it downloads in another torrent client, so that should not be the issue either).

[image: Untitled]